General

  • Target

    5c5f40f2a55e2c1fb578d60da9a61bae184c7c6aca69d92b8fa76cf37430d2d8

  • Size

    269KB

  • Sample

    221008-wasmhsfcbm

  • MD5

    425538af8e268eb8ec8ca9fb3b0ac920

  • SHA1

    066c6045c4691db9b3a51ea6e470e15c670ac3a3

  • SHA256

    5c5f40f2a55e2c1fb578d60da9a61bae184c7c6aca69d92b8fa76cf37430d2d8

  • SHA512

    02817db2f5b0a42e8e3890dc697bc5844e3e48fcf55175ac43cc2a89939b5126fca548b520f8b302eef9f22cc7450037e5836df2e9e0e7d26c3f4eb42f79ab24

  • SSDEEP

    3072:FXKzdB+R/C+Y6N2ykWAKHga5q8Ukr4KD9YevTKq+ysUEr6PNM/h3qpZa9uD6VdyX:BwdB+RjKWAKEY829VTKq9s5KNrwVfXQ

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
